# enable-security-alerts-sample **Repository Path**: mirrors_github/enable-security-alerts-sample ## Basic Information - **Project Name**: enable-security-alerts-sample - **Description**: This repository contains a sample script which can be used to enable security vulnerability alerts in all of the repositories in a given organization. - **Primary Language**: Unknown - **License**: MIT - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2020-08-08 - **Last Updated**: 2025-10-18 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README > [!WARNING] > ### This repository has been deprecated and is no longer maintained > > The features of the scripts are now natively supported in GitHub, please explore the following options: > - [Configuring global Dependabot settings](https://docs.github.com/en/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization#configuring-global-dependabot-settings) > - [Managing Dependabot alerts for your organization](https://docs.github.com/en/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts#managing-dependabot-alerts-for-your-organization) > - [Choosing a custom security configuration](https://docs.github.com/en/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/choosing-a-security-configuration-for-your-repositories#choosing-a-custom-security-configuration) > - [Applying the GitHub-recommended security configuration to all repositories in your organization](https://docs.github.com/en/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization#applying-the-github-recommended-security-configuration-to-all-repositories-in-your-organization) # Enable Dependabot alerts and Dependabot security updates sample This repository contains sample scripts for Node and Bash which can be used to enable security alerts and automated security fixes in all of the repositories in a given organization. This project is being provided as a sample only which illustrates how to [enable Dependabot alerts](https://developer.github.com/v3/repos/#enable-vulnerability-alerts) and [enable Dependabot security updates](https://developer.github.com/v3/repos/#enable-automated-security-fixes) in all repositories in a given organization. ## Node script Note: This node script is also available integrated into the [GitHub Administration Tool (`ghad`)](https://github.com/18F/ghad). ### Prerequisites * Install [Node](https://nodejs.org/en/) * Clone this repository * At the commandline, run `npm install` * [Generate a new personal access token](https://github.com/settings/tokens) with `repo` and `read:org` permissions * Copy `.env.example` to `.env` and include your new personal access token in the `GH_AUTH_TOKEN` value. ### Calling this script to enable Dependabot alerts * At the commandline, run `node enable-security-alerts-for-org.js myorgname` where `myorgname` is your organization. This will enable Dependabot alerts on all repositories in your organization. ### Calling this script to check for enabled Dependabot alerts * At the commandline, run `node enable-security-alerts-for-org-check.js myorgname` where `myorgname` is your organization. This will enable Dependabot alerts on all repositories in your organization. ### Calling this script to enable Dependabot security updates **You'll need to enable security alerts before you can Dependabot security updates** * At the commandline, run `node enable-automated-security-fixes-for-org.js myorgname` where `myorgname` is your organization. This will enable Dependabot security updates on all repositories in your organization. ## Shell script ### Prerequisites * Ensure that you have `bash` shell available on your system. If you're running Windows, additional setup may be required. [How to install Bash on Windows 10](https://www.windowscentral.com/how-install-bash-shell-command-line-windows-10) * [Generate a new personal access token](https://github.com/settings/tokens) with `repo` and `read:org` permissions ### Calling this script to enable Dependabot alerts * At the commandline, run `./shell_script/enable_vulnerability_alerts_for_entire_org.sh myorgname accessToken` where `myorgname` is your organization, and `accessToken` is the personal access token you generated earlier. ### Calling this script to enable Dependabot security updates **You'll need to enable Dependabot alerts before you can enable Dependabot security updates** * At the commandline, run `./shell_script/enable_automated_security_fixes_for_entire_org.sh myorgname accessToken` where `myorgname` is your organization, and `accessToken` is the personal access token you generated earlier. ### Contributing If you'd like to contribute to this sample with fixes, or support for other platforms, please follow the [contribution guidelines](CONTRIBUTING.md). ### License This project is available under the MIT license.